7.5
CVE-2023-4334
- EPSS 0.09%
- Veröffentlicht 15.08.2023 19:15:11
- Zuletzt bearbeitet 04.11.2025 17:15:40
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginBroadcom RAID Controller Web server (nginx) is serving private files without any authentication
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Raid Controller Web Interface Version51.12.0-2779
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.253 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.